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DETAILED ACTION 

1 . A response was received on 07 April 2006. No claims have been amended, 
added, or canceled. Claims 1-29 and 31 are currently pending in the present 
application. 

Response to Arguments 

2. Applicant's arguments filed 07 April 2006 have been fully considered but they are 
not persuasive. 

Claims 1-6, 14-26, 29, and 31 were rejected under 35 U.S.C. 103(a) as 
unpatentable over McNabb, US Patent 6289462, in view of England et al, US Patent 
6327652, and Claims 7-13, 27, and 28 were rejected under 35 U.S.C. 103(a) as 
unpatentable over McNabb in view of England, and further in view of "HP Virtualvault 
Trusted Web-Server Platform Product Brief ("Virtualvault"). 

In reference to Claim 1 , Applicant argues that there is no motivation to combine 
the references, that there is "no reasonable expectation that a person of ordinary skill 
could combine the references in any meaningful way", and that the suggested 
combination does not anticipate the claims (see page 4 of the present response). 

In response to applicant's argument that there is no suggestion to combine the 
references, the examiner recognizes that obviousness can only be established by 
combining or modifying the teachings of the prior art to produce the claimed invention 
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where there is some teaching, suggestion, or motivation to do so found either in the 
references themselves or in the knowledge generally available to one of ordinary skill in 
the art. See In re Fine, 837 F.2d 1071, 5 USPQ2d 1596 (Fed. Cir. 1988) and In re 
Jones, 958 F.2d 347, 21 USPQ2d 1941 (Fed. Cir. 1992). In this case, the motivation is 
to be found in England, as cited in the previous Office action, namely to guarantee the 
ability to distinguish between trusted and non-trusted systems executing on the same 
computer (see England, column 3, lines 56-61 ). 

In response to the statement that there is "no reasonable expectation that a 
person of ordinary skill could combine the references in any meaningful way", the 
Examiner notes that this is not actually the test set forth in the MPEP as quoted on page 
3 of the present response. Rather, the criterion is whether there is a "reasonable 
expectation of success". The Examiner believes that because both the McNabb and 
England references are directed to secure and/or trusted operating systems, and are 
therefore analogous art, there would be a reasonable expectation that one would be 
successful in combining features from the two systems. 

In response to Applicant's argument that neither England, McNabb, nor "any 
reasonable combination of the two" suggests the claimed limitation of "a requestor 
providing a specification of a service to be performed to the computing platform, 
wherein the specification of service establishes specified levels of trust for at least one 
of the processes in the service" (page 4 of the present response), the Examiner 
respectfully disagrees. The Examiner notes that both McNabb and England at least 
suggest a requestor providing a specification of a service to be performed (see 
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McNabb, as cited, column 19, line 55-column 20, line 2; see also, for example, England, 
column 9, lines 42-51 , noting that a requestor provides a specification of a service, 
namely the downloading of specific content) and that England, at least, suggests that 
levels of trust are specified for at least one process (see England, column 19, lines 13- 
40, where trust levels specifying required functions to access certain content or 
processes are specified in an access control list). 

The Examiner notes that other assertions and statements made by Applicant do 
not appear to be supported by specific citations from the references or elsewhere (see, 
for example, the second and third paragraphs on page 3 of the present response, noting 
the Applicant states that England "seems to say", or in the first full paragraph on page 5 
of the present response, where Applicant states that England "seems to suggest") and 
are therefore not persuasive as evidence. 

The Examiner further notes that Applicant has only presented arguments 
regarding independent Claim 1 , and has only explicitly traversed the rejection of Claims 
1-6, 14, 26, 29, and 31 (see page 2 of the present response). The Examiner further 
notes that 37 CFR 1 .1 1 1(b) requires that replies to an Office action must reply to every 
ground of objection and rejection in the prior Office action, and that the reply must 
present arguments pointing out the specific distinctions believed to render the claims, 
including any newly presented claims, patentable over any applied references. Even 
assuming that the traversal was intended to cover the rejections of all claims rejected as 
unpatentable over McNabb in view of England (namely, Claims 1-6, 14-26, 29, and 31 ), 
there is no reply to the rejection of Claims 7-13, 27, and 28, and further no arguments 
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have been presented regarding claims other than independent Claim 1. However, as 
this appears to be a bona fide attempt at advancing the application, and further because 
Applicant objects to alleged delays in the prosecution of the application as noted below, 
the present response has been considered as fully responsive under 37 CFR 1.111 in 
order to advance the prosecution of the present application. 

The Examiner additionally notes that Applicant alleges that, contrary to the 
guidelines of MPEP §§ 707.07(a) and (g), the Examiner is engaging in piecemeal 
examination of the application, because the Examiner allegedly delayed making "the 
best rejection the Examiner can make", namely McNabb in view of England, finding 
evidence for this allegation in the fact that both pieces of art were cited as early as the 
Office action mailed 02 February 2005. The Examiner respectfully disagrees with this 
allegation. First, the Examiner notes that MPEP § 707.07(a) is not directed to 
piecemeal examination. Further, the Examiner notes that, although England was 
considered relevant to the present application, a rejection under 35 U.S.C. 102(e) of 
Claims 1-6, 14-26, 29, and 31 was considered the best rejection that could be made 
(noting that an anticipation rejection would be considered a "better" rejection than an 
obviousness rejection). Only after consideration of Applicant's arguments, particularly 
those presented in the interview of 02 November 2005 and the response received 08 
November 2005, the Examiner determined that it would be appropriate to withdraw the 
rejections under 35 U.S.C. 102(e); however, upon further consideration of the prior art, 
the Examiner also determined that Claims 1-6, 14-26, 29, and 31 were unpatentable 
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over McNabb in view of England and therefore those claims were rejected under 35 
U.S.C. 103(a). 

Therefore, for the reasons detailed above, the Examiner maintains the rejections 
as set forth below. 

Information Disclosure Statement 

3. The information disclosure statements received 1 9 December 2005, 09 February 
2006, 16 February 2006, and 01 March 2006 have been considered. 

Specification 

4. The objection to the abstract is not withdrawn. Although the abstract has been 
reduced to a single paragraph and less than 150 words, the Examiner reminds 
Applicant that the form and legal phraseology often used in patent claims should be 
avoided in the abstract. 

5. The Examiner notes that this objection has not been addressed or acknowledged 
in the present response, nor was it addressed or acknowledge in the response received 
08 November 2005. The Examiner again notes that 37 CFR 1 .1 1 1 (b) requires that 
Applicants' response replies to every ground of objection and rejection in the prior Office 
action. 
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Claim Rejections - 35 USC § 103 

6. The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set 
forth in section 1 02 of this title, if the differences between the subject matter sought to be patented and 
the prior art are such that the subject matter as a whole would have been obvious at the time the 
invention was made to a person having ordinary skill in the art to which said subject matter pertains. 
Patentability shall not be negatived by the manner in which the invention was made. 

7. Claims 1-6, 14-26, 29, and 31 are rejected under 35 U.S.C. 103(a) as being 
unpatentable over McNabb, US Patent 6289462, in view of England et al, US Patent 
6327652. 

In reference to Claims 1 and 2, McNabb discloses a method including a 
requester providing a specification of a service to be performed that establishes 
required sensitivity levels for processes in the service (see, for example, column 1 9, line 
55-column 20, line 2, where different processes are specified for different sensitivity 
levels) and a computing platform executing the service according to the specification 
(see the Trusted Server of Figure 1 , and column 5, lines 20-29) and logging 
performance of the processes and providing the log to the requestor (the audit trail 
described at column 7, lines 28-33). However, although McNabb discloses sensitivity 
levels that describe required security (column 8, lines 33-37 and 10-15) and that there is 
a trusted computer system (column 8, lines 40-45), McNabb does not explicitly disclose 
details of establishing the trust in the computer system, nor does McNabb explicitly 
disclose levels of trust. 
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England discloses a method in which an operating system is securely loaded 
where each component of the system is associated with a trust level (column 4, lines 5- 
1 1 ) and each application is also determined to be trusted or non-trusted (column 9, lines 
1 1-20). England also discloses a requester providing a specification of a service to be 
performed that establishes required trust levels for processes in the service (column 9, 
lines 42-51; column 19, lines 13-40). England further discloses logging performance 
(see, for example, column 4, lines 18-23). Therefore, it would have been obvious to one 
of ordinary skill in the art at the time the invention was made to modify the method of 
McNabb to incorporate levels of trust as taught by England, in order to guarantee the 
ability to distinguish between trusted and non-trusted systems executing on the same 
computer (see England, column 3, lines 56-61). 

In reference to Claim 3, McNabb further discloses a protected computing 
environment (see Figure 1). 

In reference to Claims 4 and 23, McNabb further discloses measuring integrity of 
the platform (see column 8, lines 40-45, regarding the trusted computer system). 
England also discloses monitoring integrity (see, for example, column 12, lines 53-65). 

In reference to Claim 5, McNabb further discloses a management process that 
allocates the execution of processes and logging to environments associated with the 
platform (see column 21, lines 34-55). 

In reference to Claim 6, McNabb further discloses the management process 
within the protected environment (see column 21, line 34-column 22, line 2). 
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In reference to Claim 14, McNabb further discloses that a process may be 
swapped between environments (see column 11, line 66-column 12, line 14). 

In reference to Claims 15-20, McNabb further discloses logging input data, output 
data, and executed program instructions of a process (see column 7, lines 28-33; 
column 23, lines 26-35). 

In reference to Claim 21, McNabb further discloses encrypting the logging data 
(column 23, lines 26-35, where the audit record is protected). 

In reference to Claim 22, McNabb further discloses the specification of the 
service establishing logging parameters for the processes (column 23, lines 26-35). 

In reference to Claim 24, McNabb discloses a platform including a protected 
computing environment (see Figure 1) and one or more compartments (column 17, lines 
9-14), in which processes may be executed for a user in the compartments and the 
results of the processes may be returned to the user as trustworthy data from the 
protected environment (see, for example, column 6, lines 20-23), and where the 
platform further includes a management process that receives a service description 
including required sensitivity levels for processes within the service (see, for example, 
column 1 9, line 55-column 20, line 2, where different processes are specified for 
different sensitivity levels) and that allocates the processes to the compartments 
(column 21, lines 34-55). However, although McNabb discloses sensitivity levels that 
describe required security (column 8, lines 33-37 and 10-15) and that there is a trusted 
computer system (column 8, lines 40-45), McNabb does not explicitly disclose details of 
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establishing the trust in the computer system, nor does McNabb explicitly disclose 
levels of trust. 

England discloses a system in which an operating system is securely loaded 
where each component of the system is associated with a trust level (column 4, lines 5- 
1 1 ) and each application is also determined to be trusted or non-trusted (column 9, lines 
1 1-20). England further discloses receiving a service description including required 
trust levels for processes in the service (column 9, lines 42-51; column 19, lines 13-40). 
Therefore, it would have been obvious to one of ordinary skill in the art at the time the 
invention was made to modify the platform of McNabb to incorporate levels of trust as 
taught by England, in order to guarantee the ability to distinguish between trusted and 
non-trusted systems executing on the same computer (see England, column 3, lines 56- 
61). 

In reference to Claim 25, McNabb further discloses that the compartments may 
be located outside the protected environment (Figure 12; column 17, lines 57-61). 

In reference to Claim 26, McNabb further discloses that the compartments may 
be located inside the protected environment (Figure 12; column 17, lines 57-61). 

In reference to Claim 29, McNabb further discloses measuring integrity of the 
platform (see column 8, lines 40-45, regarding the trusted computer system). England 
also discloses monitoring integrity (see, for example, column 12, lines 53-65). 

In re f erenC e to Claim 31, McNabb further discloses the management process 
within the protected environment (column 21, line 34-column 22, line 2). 
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8. Claims 7-13, 27, and 28 are rejected under 35 U.S.C. 103(a) as being 
unpatentable over McNabb in view of England as applied to claims 5 and 24 above, and 
further in view of "HP Virtualvault Trusted Web-Server Platform Product Brief, 
hereinafter "Virtualvault". 

In reference to Claim 7, McNabb as modified by England discloses everything as 
applied to Claim 5 above. McNabb further discloses the use of compartments (see, for 
example, column 17, lines 9-14). However, McNabb does not explicitly disclose that the 
compartment contains a protected computing engine, nor does England. Virtualvault 
discloses a computing platform that includes the use of compartments, which include 
protected computing engines (see page 3, "Data Partitioning Separates and Secures 
Files"). Therefore, it would have been obvious to one of ordinary skill in the art at the 
time the invention was made to modify the method of McNabb and England to include 
compartments containing protected computing engines, in order to provide security for 
web servers (see Virtualvault, page 2, "Virtualvault: The Answer to Secure Access"). 

In reference to Claim 8, Virtualvault further discloses a Java virtual machine (see 
page 4, "A 'Vaulted' Java Virtual Machine"). 

In reference to Claim 9, McNabb further discloses that one or more 
compartments are located in the protected environment (see Figure 12; column 17, 
lines 57-61). Further, Virtualvault further discloses that one or more compartments are 
located within the protected environment (see page 3, the INSIDE compartment). 
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In reference to Claim 10, McNabb further discloses that the computing engine is 
prohibited from operating on input data if it is not permitted to do so (see column 8, lines 
1 0-1 5 on Mandatory Access Control). 

In reference to Claim 1 1 , McNabb further discloses that input data and processes 
are each provided with a type, and that the operation is prevented if the types do not 
match (see column 8, lines 10-15 on Mandatory Access Control). 

In reference to Claims 12 and 13, McNabb further discloses that the input data 
may have an owner, and that the process may be required to inform the owner of the 
use of the data or to obtain consent from the owner to use the data (see column 8, line 
54-column 9, line 4). 

In reference to Claims 27 and 28, McNabb as modified by England discloses 
everything as applied to Claim 24 above. However, McNabb does not explicitly disclose 
that the compartment contains a protected computing engine, specifically a Java virtual 
machine, nor does England. Virtualvault discloses a computing platform that includes 
the use of compartments, which include protected computing engines (see page 3, 
"Data Partitioning Separates and Secures Files"). Virtualvault further specifically 
discloses a Java virtual machine (see page 4, "A 'Vaulted' Java Virtual Machine"). 
Therefore, it would have been obvious to one of ordinary skill in the art at the time the 
invention was made to modify the system of McNabb and England to include 
compartments containing protected computing engines, specifically Java virtual 



Application/Control Number: 09/920,554 Page 13 

Art Unit: 2137 

machines, in order to provide security for web servers (see Virtualvault, page 2, 
"Virtualvault: The Answer to Secure Access"). 

Conclusion 

9. THIS ACTION IS MADE FINAL. Applicant is reminded of the extension of time 
policy as set forth in 37 CFR 1 .136(a). 

A shortened statutory period for reply to this final action is set to expire THREE 
MONTHS from the mailing date of this action. In the event a first reply is filed within 
TWO MONTHS of the mailing date of this final action and the advisory action is not 
mailed until after the end of the THREE-MONTH shortened statutory period, then the 
shortened statutory period will expire on the date the advisory action is mailed, and any 
extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of 
the advisory action. In no event, however, will the statutory period for reply expire later 
than SIX MONTHS from the mailing date of this final action. 

Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Zachary A. Davis whose telephone number is (571 ) 272- 
3870. The examiner can normally be reached on weekdays 8:30-6:00, alternate 
Fridays off. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Emmanuel Moise can be reached on (571) 272-3865. The fax phone 
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number for the organization where this application or proceeding is assigned is 571- 
273-8300. 

Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for 
published applications may be obtained from either Private PAIR or Public PAIR. 
Status information for unpublished applications is available through Private PAIR only. 
For more information about the PAIR system, see http://pair-direct.uspto.gov. Should 
you have questions on access to the Private PAIR system, contact the Electronic 
Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a 
USPTO Customer Service Representative or access to the automated information 
system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. 
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